by Brad Dixon | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News
Zoom has had a tough week. While usage has been setting new records they have had to cope with a slew of security gaffes that have received lots of media attention. Concern over some of these issues is justified. However, Zoom seems to be getting more than its fair...
by Mike Zusman | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News, Strategy
Hiring your first appsec engineer is a high-risk endeavor. Many organizations reach the conclusion they need to hire an appsec engineer after accumulating years – if not decades – of application security debt. Hiring an appsec engineer can be a long...
by Meador Inge | Feb 18, 2020 | Cloud, Featured, News, Techniques, Tools, Web
Introduction At Carve we perform at a lot of web application security assessments. Once we (1) find a vulnerability, we (2) confirm that it’s reproducible, write a proof of concept (PoC) exploit for the vulnerability to determine the impact, and then (3) focus...
by Ángel Suárez-Bárcena Martín | Jan 23, 2020 | AWS, Cloud, News, Techniques
Security is often a big concern when it comes to cloud computing. According to the Cloud Security Alliance (CSA), traditional security issues under the responsibility of cloud service providers (CSPs) are now less frequent, in contrast with those related to design,...
by Danny Rosseau | May 6, 2019 | Cloud, Tools
By Danny Rosseau Cloud providers have a wide variety of different predesigned service offerings, but they’re intended to be created and used quickly and easily, sometimes to the detriment of having secure configurations by default. It can be confusing for...
by Roman Faynburg | May 25, 2018 | Cloud, Digital Transformation
Our customers who embark on a “digital transformation” journey frequently face a dilemma as they inevitably consider the cloud as the target platform for their new product. When they need to outsource computing to the cloud, how do they do it? Do they...
